A new release of the Ubuntu Cloud Images for stable Ubuntu release 20.04 LTS (Focal Fossa) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with: 'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'. The following packages have been updated. Please see the full changelogs for a complete listing of changes: * openssl: 1.1.1f-1ubuntu2.2 => 1.1.1f-1ubuntu2.3 * update-notifier: 3.192.30.5 => 3.192.30.6 The following is a complete changelog for this image. new: {} removed: {} changed: ['libssl1.1:amd64', 'openssl', 'update-notifier-common'] new snaps: {} removed snaps: {} changed snaps: [] ==== openssl: 1.1.1f-1ubuntu2.2 => 1.1.1f-1ubuntu2.3 ==== ==== libssl1.1:amd64 openssl * SECURITY UPDATE: NULL pointer deref in signature_algorithms processing - debian/patches/CVE-2021-3449-1.patch: fix NULL pointer dereference in ssl/statem/extensions.c. - debian/patches/CVE-2021-3449-2.patch: teach TLSProxy how to encrypt <= TLSv1.2 ETM records in util/perl/TLSProxy/Message.pm. - debian/patches/CVE-2021-3449-3.patch: add a test to test/recipes/70-test_renegotiation.t. - debian/patches/CVE-2021-3449-4.patch: ensure buffer/length pairs are always in sync in ssl/s3_lib.c, ssl/ssl_lib.c, ssl/statem/extensions.c, ssl/statem/extensions_clnt.c, ssl/statem/statem_clnt.c, ssl/statem/statem_srvr.c. - CVE-2021-3449 ==== update-notifier: 3.192.30.5 => 3.192.30.6 ==== ==== update-notifier-common * data/list-oem-metapackages: + Handle bad apt indexes. apt.Cache() can fail if the apt lists can't be parsed for whatever reason. Handle that and exit 0 so that update-notifier continues. A consequence of being in this state is that we can't find any oem metapackages if any are applicable. If the indexes become good again then we'll find them next time. (LP: #1913726) -- [1] http://cloud-images.ubuntu.com/releases/focal/release-20210325/ [2] http://cloud-images.ubuntu.com/releases/focal/release-20210323/